Managed Kubernetes
Managed Kubernetes provides a dedicated and Project Syn enabled Kubernetes cluster, on several clouds. VSHN provisions and maintains the Kubernetes cluster throughout its lifetime and makes sure the Project Syn provided tools are running and available to the user of the platform. Managed Kubernetes clusters provide a production ready Kubernetes environment to host the users applications.
Included Services and Features
Platform features
- Cluster provisioning
-
Provisioning of Kubernetes cluster on supported clouds.
- Cluster maintenance
-
The cluster components (control plane and worker nodes) are regularly maintained and updated with the latest patches and releases.
- Backup
-
A backup of etcd (the storage used to store Kubernetes objects) data is done regularly. A second backup, stores the raw Kubernetes objects.
These backups serve a very limited purpose. They can only be used to deal with data corruption within etcd.
Those backups can not be used as a means for disaster recovery purposes (like for instance to recover from a failed infrastructure). If you need this ability, please talk to us.
Most importantly, those backups do NOT cover data in persistent volumes. Users are responsible to have backups of their application data. For this, K8up is deployed on the cluster to help with that task.
- Monitoring and Alerting
-
Monitoring of cluster and system services functionality and alert handling according to SLA. Alert rules and thresholds are continuously assessed and regularly maintained.
This includes the Kubernetes cluster itself (control-plane and worker nodes) and the Project Syn provided tooling, no customer specific application and services running on the cluster. The Project Syn provided monitoring solution can be used by the user of the platform to integrate their own alerting and metrics collection.
VSHN provides additional services to also monitor customer applications running on the cluster.
- Metrics
-
Metrics emitted by all system services and the Kubernetes cluster components are continuously collected and presented in a graphical way.
- System Services
-
A variety of system services are included, pre-configured, ready to be used. A non-exhaustive selection:
-
cert-manager: Automated certificate management, supports Let’s Encrypt
-
- Persistent Storage
-
Persistent storage is available out of the box with Kubernetes CSI (Container Storage Interface) when supported by the infrastructure provider.
VSHN added features
- GitOps
-
Every cluster has Argo CD deployed which is managed by VSHN with Project Syn.
Each cluster has its own configuration Git repository managed either by Project Syn Lieutenant or by the customer itself. This repository stores the whole configuration of the cluster for all Project Syn tools.
Argo CD can also be used by the customer to deploy applications using GitOps.
- VSHN Application Marketplace
-
For deploying services like databases, caches or others, the VSHN Application Catalog is available on each cluster.
- K8up for Backup
-
The backup Operator K8up is preinstalled and configured, ready to be used by the user of the platform. Taking care and managing the backups is offered in AppOps - Cloud Native Application Operations.
- Secret Management with Vault
-
No secrets are stored in plaintext, they all live in protected key stores. By applying best-practices configuration we ensure secure configuration by default of all components. Only TLS secured connections are used.
- Tools Maintenance with Renovate
-
Tools and system services managed with Project Syn are automatically maintained with Renovate and deployed/updated with GitOps mechanisms.
- Inventory
-
Keeping an overview of all the Kubernetes clusters, their versions, locations and other important information is provided by Project Syn Lieutenant and available in the VSHN Portal.
VSHN Support and Services
- Alert handling
-
Alerts are handled according to the service levels chosen.
- Best-Practices Configuration
-
VSHN makes use of best-practices configuration, learned from running Kubernetes and applications on top of it in production since many years, and applies them continuously. As the best-practices evolve over time, they are integrated as they are learned.
- Expert Pool
-
The Kubernetes experts at VSHN are available to help the user of the platform. By taking part in the Open Source community of the key software used by VSHN, communication with the upstream developers happens daily.
Fun fact: VSHN is Switzerlands first official Kubernetes Certified Service (KCSP) provider, and therefore we’re listed on the official Kubernetes Partners page.
- VSHN Portal
-
The VSHN Portal provides access to many self-service capabilities like:
-
Ticket management
-
Reporting functionality
-
Kubernetes cluster insights
-
User account management
-
Billing information
Our detailed VSHN Portal help system provides a glance at what the VSHN portal can offer and how it looks like.
-